diff --git a/.reuse/dep5 b/.reuse/dep5
index 38b1937635..4cf9906f81 100644
--- a/.reuse/dep5
+++ b/.reuse/dep5
@@ -82,6 +82,7 @@ Files: **/*.after*
        bin/tests/system/xfer/ans5/badkeydata
        bin/tests/system/xfer/ans5/badmessageid
        bin/tests/system/xfer/ans5/goodaxfr
+       bin/tests/system/xfer/ans5/ixfrnotimp
        bin/tests/system/xfer/ans5/partial
        bin/tests/system/xfer/ans5/soamismatch
        bin/tests/system/xfer/ans5/unknownkey
diff --git a/bin/tests/system/ans.pl b/bin/tests/system/ans.pl
index bbae89ef57..946d2ae01f 100644
--- a/bin/tests/system/ans.pl
+++ b/bin/tests/system/ans.pl
@@ -65,6 +65,11 @@
 #  pattern, only this data will be signed. Currently, this is only
 #  done for TCP.
 #
+# /pattern NOTIMP <key> <key_data>/
+# /pattern NOTIMP/
+#
+# Return a NOTIMP response
+#
 # /pattern bad-id <key> <key_data>/
 # /pattern bad-id/
 #
@@ -376,13 +381,20 @@ sub handleTCP {
 		if ("$qname $qtype" =~ /$dbtype/) {
 			$count_these++;
 			my $a;
+			my $done = 0;
 			foreach $a (@{$r->{answer}}) {
 				$packet->push("answer", $a);
 			}
+			if (defined($key_name) && $key_name eq "NOTIMP") {
+				$packet->header->rcode('NOTIMP');
+				$key_name = $key_data;
+				($key_data, $tname) = split(/ /,$tname);
+				$done = 1;
+			}
 			if (defined($key_name) && $key_name eq "bad-id") {
 				$packet->header->id(($id+50)%0xffff);
 				$key_name = $key_data;
-				($key_data, $tname) = split(/ /,$tname)
+				($key_data, $tname) = split(/ /,$tname);
 			}
 			if (defined($key_name) && defined($key_data)) {
 				my $tsig;
@@ -453,6 +465,7 @@ sub handleTCP {
 			}
 			#$packet->print;
 			push(@results,$packet->data);
+			last if ($done);
 			if ($tname eq "") {
 				$tname = $qname;
 			}
diff --git a/bin/tests/system/xfer/ans5/ixfrnotimp b/bin/tests/system/xfer/ans5/ixfrnotimp
new file mode 100644
index 0000000000..a947a6346f
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/ixfrnotimp
@@ -0,0 +1,11 @@
+/SOA tsig_key LSAnCU+Z/
+nil.      	300	SOA	ns.nil. root.nil. 2 300 300 604800 300
+/IXFR NOTIMP tsig_key LSAnCU+Z/
+/AXFR tsig_key LSAnCU+Z/
+nil.      	300	SOA	ns.nil. root.nil. 2 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil.      	300	NS	ns.nil.
+nil.		300	TXT	"IXFR NOTIMP"
+a.nil.		60	A	10.0.0.61
+/AXFR tsig_key LSAnCU+Z/
+nil.      	300	SOA	ns.nil. root.nil. 2 300 300 604800 300
diff --git a/bin/tests/system/xfer/tests.sh b/bin/tests/system/xfer/tests.sh
index 5acc1c5d23..f6984fd423 100755
--- a/bin/tests/system/xfer/tests.sh
+++ b/bin/tests/system/xfer/tests.sh
@@ -307,6 +307,25 @@ $DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || {
     status=$((status+1))
 }
 
+n=$((n+1))
+echo_i "handle IXFR NOTIMP ($n)"
+
+sendcmd < ans5/ixfrnotimp
+
+$RNDCCMD 10.53.0.4 refresh nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+nextpart ns4/named.run | grep "zone nil/IN: requesting IXFR from 10.53.0.5" > /dev/null || {
+    echo_i "failed: expected status was not logged"
+    status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'IXFR NOTIMP' >/dev/null || {
+    echo_i "failed"
+    status=$((status+1))
+}
+
 n=$((n+1))
 echo_i "unsigned transfer ($n)"